SoylentNews

upstart writes:

SpaceX becomes NASA’s second-largest vendor, surpassing Boeing:

NASA obligated $2.04 billion to SpaceX in fiscal year 2022, which ended last month, according to new federal procurement data.

For the first time, the amount paid by the space agency to SpaceX exceeds that paid to Boeing, which has long been the leading hardware provider to NASA. Boeing received $1.72 billion during the most recent fiscal year, based on data first reported by Aviation Week's Irene Klotz.

The California Institute of Technology, which manages the Jet Propulsion Laboratory field center for NASA, remains the agency's No. 1 contractor, with $2.68 billion in funding. The academic institution is responsible for operating the California-based NASA field center and distributing funding for myriad robotic spacecraft missions such as Mars Perseverance and the Europa Clipper.

On the one hand, the ascension of SpaceX to the No. 2 spot on NASA's contractor list represents a major shakeup in the order of things. For a long time, NASA's human spaceflight and exploration programs were dominated by Boeing, Lockheed Martin, Aerojet, Northrop Grumman, and a handful of other traditional defense aerospace contractors.

upstart writes:

Leaked data from TheTruthSpy stalkerware network reveals its Android apps tracked the calls, locations, and other information of hundreds of thousands of people:

A massive cache of leaked data reveals the inner workings of a stalkerware operation that is spying on hundreds of thousands of people around the world, including Americans.

The leaked data includes call logs, text messages, granular location data and other personal device data of unsuspecting victims whose Android phones and tablets were compromised by a fleet of near-identical stalkerware apps, including TheTruthSpy, Copy9, MxSpy and others.

These Android apps are planted by someone with physical access to a person's device and are designed to stay hidden on their home screens but will continuously and silently upload the phone's contents without the owner's knowledge.

Given that victims had no idea that their device data was stolen, TechCrunch extracted every unique device identifier from the leaked database and built a lookup tool to allow anyone to check if their device was compromised by any of the stalkerware apps up to April 2022, which is when the data was dumped.

TechCrunch has since analyzed the rest of the database. Using mapping software for geospatial analysis, we plotted hundreds of thousands of location data points from the database to understand its scale. Our analysis shows TheTruthSpy's network is enormous, with victims on every continent and in almost every country. But stalkerware like TheTruthSpy operates in a legal gray area that makes it difficult for authorities around the world to combat, despite the growing threat it poses to victims.

Freeman writes:

After 19 years of work, Juan Gilbert says he has invented the most secure voting machine

In late 2020, a large box arrived at Juan Gilbert's office at the University of Florida. The computer science professor had been looking for this kind of product for months. Previous orders had yielded poor results. This time, though, he was optimistic.

Gilbert drove the package home. Inside was a transparent box, built by a French company and equipped with a 27-inch touchscreen. Almost immediately, Gilbert began modifying it. He put a printer inside and connected the device to Prime III, the voting system he has been building since the first term of the George W. Bush administration.

After 19 years of building, tinkering, and testing, he told Undark this spring, he had finally invented "the most secure voting technology ever created."

[...] By this point, Gilbert had published a video of his ballot-marking device, or BMD, in action, but he was unsure how the hacking community would respond. "There's a part of that community that's very confident in what they do," he said. "And if they hear how it works, they may run away from it."

[...] The latest version of the machine, which Gilbert and his students finalized this year, has all the parts of a normal voting machine: a touch screen for voters to make their selections and a printer to create a paper ballot that is then fed into a scanner.

The machine also has some more distinctive security features. The touchscreen is transparent, allowing voters to watch the machine print their ballot, in real-time, and notice any issues. The whole machine is also encased in fully transparent glass, making it difficult to insert, say, a malicious USB drive undetected. And the machine's operating system, software, printer connection, and ballot information are stored on a read-only Blu-ray Disc. Unlike a typical hard drive, which voting technology skeptics say could be manipulated to change a person's votes, the disc cannot be overwritten, modified, or changed in any way. "I have taken away that ability," said Gilbert. "You cannot change it."

Arthur T Knackerbracket has processed the following story:

Stradivarius violins are highly prized collector’s items. According to some musicians, they produce elegant music with a level of clarity that is unparalleled by modern instruments. And it’s the finishing touches — mysterious treatments applied hundreds of years ago by Antonio Stradivari — that contribute to their unique look and sound. In a step toward unraveling the secret, researchers report on nanometer-scale imaging of two of Stradivari’s violins, revealing a protein-based layer between the wood and varnish. The study was published on October 17 in ACS’ Analytical Chemistry.

[...] It was reported in previous studies that some stringed instruments built by Stradivari have a hidden coating underneath the shiny varnish. By filling in and smoothing out the wood, this coating would influence the wood’s resonance and the sound that’s produced. Knowing the components of this film could be key to replicating the historic instruments in modern times. So, Lisa Vaccari, Marco Malagodi, and colleagues wanted to find a technique that would determine the composition of the layer between the wood and varnish of two precious violins — the San Lorenzo 1718 and the Toscano 1690.

Using synchrotron radiation Fourier-transform infrared spectromicroscopy, a technique previously used on historic violins, the research team discovered that both samples had an intermediary layer. However, this method couldn’t differentiate the layer’s composition from the adjacent wood.

Next, they turned to infrared scattering-type scanning near field microscopy (IR s-SNOM) to analyze the samples. The IR s-SNOM apparatus includes a microscope that collects images tens of nanometers wide and measures the infrared light scattered from the coating layer and the wood to collect information about their chemical composition. The results of the new method revealed that the layer between the wood and varnish of both instruments contained protein-based compounds, congregating in nano-sized patches.

Reference: “A Nanofocused Light on Stradivari Violins: Infrared s-SNOM Reveals New Clues Behind Craftsmanship Mastery” by Chiaramaria Stani, Claudia Invernizzi, Giovanni Birarda, Patrizia Davit, Lisa Vaccari, Marco Malagodi, Monica Gulmini and Giacomo Fiocco, 17 October 2022, Analytical Chemistry.
DOI: 10.1021/acs.analchem.2c02965

Original Submission

Arthur T Knackerbracket has processed the following story:

A common chemical found in urine can be used to kick-start large-scale production of proteins such as hormones and antibodies used by biotech companies.

Researchers at the University of Birmingham and Aston University, in the U.K., have developed a system that uses urea to trigger the production of these proteins in the large quantities needed by the biotech industry.

Typically, in this process, small pieces of DNA are introduced into bacteria such as E.coli to persuade them to overproduce certain proteins. It is a well-understood technology that was first developed in the 1970s. Overproduction, however, is typically triggered by "inducer" molecules, which can be costly, and often need careful handling, such as refrigeration.

By using urea instead, the researchers have developed a method that is cheaper, more straightforward, and uses easily accessible materials.

[...] The study builds on earlier work in which the team successfully demonstrated that nitrate, a cheap, stable and abundant inorganic ion, could also be used as a trigger. Nitrate is commonly found in many commercial fertilizers and even in some garden fertilizers, meaning that it is always readily available, even in areas where other types of promoter chemicals might be inaccessible.

Co-author Dr. Joanne Hothersall, also in the School of Biosciences, added, "Both urea and nitrate will be much more readily available, and easy to use, in locations where infrastructure limits access, for example where maintaining a cold supply chain is challenging. We hope these new approaches will open up new avenues of research for biotech industries."

A versatile substance indeed:
    Should We be Trying to Create a Circular Urine Economy?
    In Space, Pee Is for Power
    World's First Biobricks Grown from Human Urine
    Testing the Use of Human Urine as a Natural Fertilizer for Crops
    Geopolymer Concrete: Building Moon Bases with Astronaut Urine and Regolith

Journal Reference:
Joanne Hothersall, Alexander Osgerby, Rita E. Godfrey, et al. New vectors for urea-inducible recombinant protein production, New Biotechnology (2022). DOI: 10.1016/j.nbt.2022.10.003

Original Submission

upstart writes:

Meet the Windows servers that have been fueling massive DDoSes for months:

A small retail business in North Africa, a North American telecommunications provider, and two separate religious organizations: What do they have in common? They're all running poorly configured Microsoft servers that for months or years have been spraying the Internet with gigabytes-per-second of junk data in distributed-denial-of-service attacks designed to disrupt or completely take down websites and services.

In all, recently published research from Black Lotus Labs, the research arm of networking and application technology company Lumen, identified more than 12,000 servers—all running Microsoft domain controllers hosting the company's Active Directory services—that were regularly used to magnify the size of distributed-denial-of-service attacks, or DDoSes.

For decades, DDoSers have battled with defenders in a constant, never-ending arms race. Early on, DDoSers simply corralled ever-larger numbers of Internet-connected devices into botnets and then used them to simultaneously send a target more data than they can handle. Targets—be they game companies, journalists, or even crucial pillars of Internet infrastructure—often buckled at the strain and either completely fell over or slowed to a trickle.

Companies like Lumen, Netscout, Cloudflare, and Akamai then countered with defenses that filtered out the junk traffic, allowing their customers to withstand the torrents. DDoSers responded by rolling out new types of attacks that temporarily stymied those defenses. The race continues to play out.

One of the chief methods DDoSers use to gain the upper hand is known as reflection. Rather than sending the torrent of junk traffic to the target directly, DDoSers send network requests to one or more third parties. By choosing third parties with known misconfigurations in their networks and spoofing the requests to give the appearance they were sent by the target, the third parties end up reflecting the data at the target, often in sizes that are tens, hundreds, or even thousands of times bigger than the original payload.

What should the response be to those who run misconfigured servers? Should we try to help them secure their servers (at their cost, of course) or should the servers be shut down?

Original Submission

Arthur T Knackerbracket has processed the following story:

Christmas came a little early for NASA's InSight mission last December when the lander detected a massive quake on Mars.

Now, scientists know what caused the red planet to rumble. A meteoroid slammed into Mars 2,174 miles (3,500 kilometers) away from the lander and created a fresh impact crater on the Martian surface.

The ground literally moved beneath InSight on December 24, 2021, when the lander recorded a magnitude 4 marsquake. Before and after photos captured from above by the Mars Reconnaissance Orbiter, which has been circling Mars since 2006, spotted a new crater this past February.

When scientists connected the dots from both missions, they realized it was one of the largest meteoroid strikes on Mars since NASA began studying the red planet. Images from the orbiter's two cameras showed the blast zone of the crater, which allowed scientists to compare it with the epicenter of the quake detected by InSight.

The journal Science published two new studies describing theimpact and its effects on Thursday.

upstart writes:

Bot reveals rejected vanity license plates and the real DMV notes on why they were flagged:

Many, many years ago I wanted a vanity license plate for my vintage International Travelall. As I remember it, the first one I tried for, WAGESLV, got rejected right away. But the second one, BORACHA (a take on the Spanish slang for drunkard: borracho), went through. I forget what story I told the DMV about what it meant but I thought it was hilarious that it didn't get flagged. I waited and waited for the personalized plate and eventually got a notice that it had been rejected after all. I ended up with 4BIGRIG, a nod to my zine at the time, Bigrig Industries Manifesto.

So I was definitely tickled to learn about the California DMV Bot on Twitter. It randomly spits out real (and mostly) rejected personalized plates, the reasons people gave for wanting them, and the actual comments the DMV gave for accepting or denying them. It's my new favorite thing.

KQED:

The bot is the work of a Silicon Valley 15-year-old, going by "RJ," who recently discovered a trove of flagged DMV applications from 2015-2016 — the result of a public records request by journalist Samuel Braslow for a fascinating piece in Los Angeles Magazine. Without anything to do one weekend, and with "an insatiable curiosity of the inner workings of quite literally everything," RJ built the bot in one day.

One month later, it now posts juvenile license plate attempts like "TRD FURY" and "ASSMNKY" to over 25,000 followers, 24 hours a day.

Original Submission

hubie writes:

New study undermines the theory that depressed people are just more realistic:

Are depressed people simply more realistic in judging how much they control their lives, while others view the world through rose-colored lenses, living under the illusion that they have more control than they do?

That's the general idea behind "depressive realism," a theory that has held sway in science and popular culture for more than four decades.

The problem is, it's just not true, new research finds.

[...] The concept of depressive realism stems from a 1979 study of college students examining whether they could predict how much control they had over whether a light turned green when they pushed a button. The original research concluded that the depressed students were better at identifying when they had no control over the lights, while those who weren't depressed tended to overestimate their level of control.

Moore and his colleagues set out to try to replicate those findings as part of a broader effort to restore trust in scientific research, much of which is woven into the fabric of the scientific community and wider culture. Researchers are revisiting bedrock studies to shore up the most basic of scientific principles: Can the research—and its conclusions—be replicated?

[...] The results, Moore says, undermined his belief in depressive realism.

[...] While depression may not improve judgment, the issue of how to accurately gauge our level of control in various situations has broader implications throughout life, Moore says.

"We live with a great deal of uncertainty about how much control we have—over our careers, our health, our body weight, our friendships, or our happiness," says Moore. "What actions can we take that really matter? If we want to make good choices in life, it's very helpful to know what we control and what we don't."

Journal Reference:
Amelia S. Dev, Don A. Moore, Sheri L. Johnson, et al. Sadder ≠ Wiser: Depressive Realism Is Not Robust to Replication [open], Collabra: Psychology, 2022. DOI: 10.1525/collabra.38529

Original Submission

hubie writes:

VPNs do not provide the security properties people expect:

"VPNs were originally designed to get into a secure network, but companies have repurposed them so you can escape a restrictive internet service provider you don't trust and access a free and safe one instead," Crandall says. "So, the way people use VPNs today is kind of backwards."

Crandall notes this access is helpful when users are worried about their browsing data being monitored though their internet service provider, or ISP, or when users are in a country that censors their internet activity.

[...] "We're really just asking the fundamental questions like, 'When you repurpose VPNs in this way, do they actually have the security properties that people expect?'" he says, reiterating his work's focus on at-risk users who face severe consequences from censorship and surveillance policies. "The first part of the research that we did was looking at the VPN tunnel itself, which is an encrypted tunnel between the VPN server and the client, to see what kind of damage attackers can do from there."

[...] The team concluded that traffic can still be attacked from the tunnel in the same ways as if VPN were not being used, with attackers able to redirect connections and serve malware, which is what users believe VPN protects them from.

[...] "For people around the world, there can be a lot at stake when VPN providers market with false claims about their services. Our research exposed how VPN-based services, including the ones marketing their VPN service as 'invisible' and 'unblockable,' can be effectively blocked with little collateral damage," says Ensafi, an assistant professor of electrical engineering and computer science. [...]

"As VPNs continue experiencing increased usage, repressive countries have developed some of the most sophisticated censorship and surveillance technology in response," Mixon-Baca says. "This work is crucial to make progress toward understanding how these systems operate and developing defenses for attacks on the users who depend on VPNs."

USENIX presentation slides as well as a ten-minute video of the talk

Original Submission

upstart writes:

Facebook parent Meta fined $24.6M for violating Washington state's political ad disclosure law:

Meta, the parent company of Facebook, was fined the maximum penalty of $24.6 million on Wednesday for violating Washington state's campaign finance transparency law.

King County Superior Court Judge Douglass North found that Meta intentionally violated Washington law 822 times. Each fine carried a penalty of $30,000. Attorney General Bob Ferguson's office called the judgement "the largest campaign finance penalty anywhere in the country — ever."

"I have one word for Facebook's conduct in this case — arrogance," Ferguson said in a news release. "It intentionally disregarded Washington's election transparency laws. But that wasn't enough. Facebook argued in court that those laws should be declared unconstitutional. That's breathtaking.

"Where's the corporate responsibility?" Ferguson continued. "I urge Facebook to come to its senses, accept responsibility, apologize for its conduct, and comply with the law. If Facebook refuses to do this, we will beat them again in court."

[...] According to the attorney general, the law requires campaign advertisers, including entities such as Meta that host political ads, to make information about Washington political ads that run on their platforms available for public inspection in a timely manner. The state asserted that Meta violated the law repeatedly since December 2018 and committed hundreds of violations.

In court filings, Meta called Washington state "an outlier," arguing that the disclosure law violates the First Amendment by unfairly targeting political speech, and imposing onerous timelines for disclosing what Meta considers unreasonable degrees of detail to people who request information about political ads.

A judge rejected that argument in September and granted Washington's motion for summary judgment, resolving the case without trial.

Original Submission

hubie writes:

Mathematical Formula Tackles Complex Moral Decision-Making in AI:

An interdisciplinary team of researchers has developed a blueprint for creating algorithms that more effectively incorporate ethical guidelines into artificial intelligence (AI) decision-making programs. The project was focused specifically on technologies in which humans interact with AI programs, such as virtual assistants or "carebots" used in healthcare settings.

[...] "For example, let's say that a carebot is in a setting where two people require medical assistance. One patient is unconscious but requires urgent care, while the second patient is in less urgent need but demands that the carebot treat him first. How does the carebot decide which patient is assisted first? Should the carebot even treat a patient who is unconscious and therefore unable to consent to receiving the treatment?

"Previous efforts to incorporate ethical decision-making into AI programs have been limited in scope and focused on utilitarian reasoning, which neglects the complexity of human moral decision-making," Dubljević says. "Our work addresses this and, while I used carebots as an example, is applicable to a wide range of human-AI teaming technologies."

[...] To address the complexity of moral decision-making, the researchers developed a mathematical formula and a related series of decision trees that can be incorporated into AI programs. These tools draw on something called the Agent, Deed, and Consequence (ADC) Model, which was developed by Dubljević and colleagues to reflect how people make complex ethical decisions in the real world.

[...] "With the rise of AI and robotics technologies, society needs such collaborative efforts between ethicists and engineers. Our future depends on it."

Journal Reference:
Michael Pflanzer, Zachary Traylor, Joseph B. Lyons, et al. Ethics in human–AI teaming: principles and perspectives [open]. AI Ethics (2022). https://doi.org/10.1007/s43681-022-00214-z

Original Submission

upstart writes:

Most lithium deposits in the US are on or near tribal land:

From The Guardian (CC-BY-SA 2.0) :

[...] Three-quarters of all known deposits of lithium in America are found near tribal land, igniting fears that a decline in destructive fossil-fuel mining could simply be replaced by a new form of harmful extraction.

Plans for a major, controversial new lithium mine in northern Nevada – a 1,000-acre site called Thacker Pass – will "will turn what is left of my ancestral homelands into a sacrifice zone for electric car batteries", Shelley Harjo, a member of the Fort McDermitt Paiute and Shoshone Tribe, has warned, all still without meeting the burgeoning thirst for lithium.

Lithium demand is of course on the rise thanks to the mineral's role in battery stage and the ongoing global energy crisis. According to The Guardian, there's enough lithium at Silver Peak for 80,000 electric cars — that's not an insignificant contribution to decarbonization efforts! But there is some concern about the lithium battery production process, which involves massive water use and some higher emissions upfront. Even if it is ultimately a more environmentally-friendly option (assuming we can figure out better means of recycling or disposal), the threat of that resource extraction, particularly when the impact hits indigenous communities the hardest, is ... well, not great, to say the least, as evidenced by the entirety of US history.

Original Submission

upstart writes:

Another GeForce RTX 4090 16-pin Adapter Bites The Dust (Updated):

Update 10/26/2022 6:15 pm PT

Gigabyte has sent Redditor reggie gakil a replacement for his GeForce RTX 4090 Gaming OC. Next, the damaged graphics card and melted power adapter will make their way to Nvidia for inspection.

Meanwhile, a fifth GeForce RTX 4090 owner has come forward on Reddit to report a similar meltdown on his power adapter. He accidentally discovered it when disconnecting his Asus TUF Gaming GeForce RTX 4090 OC Edition to install his newly acquired Core i9-13900K Raptor Lake processor.

The Redditor's photograph showed that some pins had experienced excessive heat. The corner terminals look slightly backed out, whereas one of the ports has already started to melt. The user shared another photograph of his system, and the power adapter appears to be seated properly, and the cable isn't overly bent, which discards a bad installation.

Original Article:

[...] Previously, two GeForce RTX 4090 owners have reported experiencing 16-pin power adapter meltdowns. Both owned custom models, with the first owner rocking a Gigabyte GeForce RTX 4090 Gaming OC and the second user with an Asus TUF Gaming GeForce RTX 4090 OC Edition. The third report comes from a Facebook user Charlie Woods (then tweeted via WCCF's Hassan Mujtaba), who coincidentally has an Asus TUF Gaming GeForce RTX 4090. According to the owner's recount of the facts, he was benchmarking when he smelled the smoke from the power adapter. Fortunately, he could pull the connector out before it did any damage to the graphics card.

upstart writes:

Ancient 15,000-Year-Old Viruses Found in Melting Tibetan Glaciers:

Ancient creatures are emerging from the cold storage of melting permafrost, almost like something out of a horror movie.

From incredibly preserved extinct megafauna like the woolly rhino, to the 40,000-year-old remains of a giant wolf, and bacteria over 750,000 years old.

Not all of these things are dead.

Centuries-old moss was able to spring back to life in the warmth of the laboratory. So too, incredibly, were tiny 42,000-year-old roundworms.

These fascinating glimpses of organisms from Earth's long distant past are revealing the history of ancient ecosystems, including details of the environments in which they existed.

But the melt has also created some concerns about ancient viruses coming back to haunt us.